CISO January 24, 2023

Everyone Wants to Build a Cyber Range: Should You?

7 min read - In the last few years, IBM X-Force has seen an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need…

Identity & Access February 3, 2022

New Year, Same Risks? Six Cyber Resilience Resolutions for a Safer 2022

4 min read - 2021 was a banner year for cyber attacks. Compared to 2020, last year saw a 50% increase in attacks per week on corporate networks, even as the total cost of managing a cyber attack rose by 10%, according to IBM’s…

Incident Response January 25, 2022

Why Your Business Continuity Plan Should Cover Communication and Office Access

4 min read - Imagine a scenario where your company’s digital infrastructure goes offline. Your servers are unreachable, the company website is offline, internal communication stops working and employees are locked out of offices because keycard security systems are down. Your entire company—literally everything…

Incident Response December 20, 2021

A Journey in Organizational Resilience: Survive the Disruption and Become Stronger

6 min read - Our journey through the factors that make up organizational cyber resilience is almost complete. It’s time to put the puzzle pieces together.  First, a quick look at the issues we’ve covered so far.  The Human Factor Business Continuity Disaster Recovery…

Incident Response November 22, 2021

A Journey in Organizational Resilience: Insider Threats

4 min read - Very much like privacy concerns, insider threats may not be the first issue to come to mind when building an enterprise cyber resilience plan. However, they should be. Here is why: because as we noted in the first piece of…

Incident Response November 15, 2021

A Journey in Organizational Resilience: The Data Life Cycle

3 min read - With so many efforts focused on restoring systems, applications and workloads, it is easy to miss an important piece: the data that makes business processes possible. A fully restored system is as good as offline if you don’t have the…

Incident Response November 8, 2021

A Journey in Organizational Resilience: Supply Chain and Third Parties

4 min read - The next stop on our journey focuses on those that you rely on: supply chains and third parties.  Working with external partners can be difficult. But, there is a silver lining. Recent attacks have resulted in an industry wake-up call…

Incident Response November 1, 2021

A Journey in Organizational Resilience: Security by Design

4 min read - Security by design is one of those concepts that happily goes hand in hand with resilience. Candidly, they were made for each other. The security by design methodology helps minimize some of the inherent risk we cannot do anything about.…

Zero Trust October 28, 2021

2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

2 min read - “How many millions did you pay threat actors in a ransomware attack?” “Which investments most significantly improved cyber resiliency for your organization?” “Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?” The answers to these…

Incident Response October 25, 2021

A Journey in Organizational Resilience: Privacy

4 min read - Privacy concerns may not be the first issue that comes to mind when building an enterprise cyber resilience plan. However, you should expect them to gain prominence. For perspective, consider for a moment that the NIST Privacy Framework is a…